CertEnrollCtrl.exe

File Path: C:\Windows\SysWOW64\CertEnrollCtrl.exe
Description: Certificate Enrollment Control

Hashes

Type	Hash
MD5	`031B08FC72A6773D79E5231D0ECA2C9A`
SHA1	`7F5982B6BCCE47C16BB3C81877FC7B9E74C4734F`
SHA256	`4DEF81210878DC626FFA5F677E12577E831B6C286C67D83A6C30DCF8FB434671`
SHA384	`D3C1BA0361731FBF99DD054978F8E5940009B39EE411BA5F5FCA5613340DCF7E76A824A700FEA3FA45C3D3862FD29D96`
SHA512	`FFCC55C9F4217A0A62FC33EA95711D4214693614E12F8FB6E9BFBEFF8FD29F37B8D3C418F7A00E55871AFE140781C58DAFAC61B4B52082A5C2F6DEF14A126AAC`
SSDEEP	`768:zrLB44+MF3lUR5qiavKHjiPqqymtnY5xpI+wLUEvK9uwY+LmGZmRr9Ah:z3h3+RfHeSan6xpI+cVvFmZmRr9k`
IMP	`EABE8C5D3BBE7BB90E7C03DED23530EE`
PESHA1	`3D297CB374445DC95799348A3D10BE98F05A23E8`
PE256	`238504DABFA2AE328755EF25453675F25BA20CB10A893F497E6E3D9B4A0CC9A2`

Runtime Data

Open Handles:

Path	Type
(R-D) C:\Windows\System32\en-US\CertEnrollCtrl.exe.mui	File
(RW-) C:\Users\user\Documents	File
(RW-) C:\Windows	File
\BaseNamedObjects__ComCatalogCache__	Section
\BaseNamedObjects\NLS_CodePage_1252_3_2_0_0	Section
\BaseNamedObjects\NLS_CodePage_437_3_2_0_0	Section

Loaded Modules:

Path
C:\Windows\SYSTEM32\ntdll.dll
C:\Windows\System32\wow64.dll
C:\Windows\System32\wow64cpu.dll
C:\Windows\System32\wow64win.dll
C:\Windows\SysWOW64\CertEnrollCtrl.exe

Signature

Status: Signature verified.
Serial: 330000026551AE1BBD005CBFBD000000000265
Thumbprint: E168609353F30FF2373157B4EB8CD519D07A2BFF
Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

Original Filename: EnrollComServer.exe
Product Name: Microsoft Windows Operating System
Company Name: Microsoft Corporation
File Version: 10.0.19041.329 (WinBuild.160101.0800)
Product Version: 10.0.19041.329
Language: English (United States)
Legal Copyright: Microsoft Corporation. All rights reserved.
Machine Type: 32-bit

File Scan

VirusTotal Detections: 0/71
VirusTotal Link: https://www.virustotal.com/gui/file/4def81210878dc626ffa5f677e12577e831b6c286c67d83a6c30dcf8fb434671/detection/

File Similarity (ssdeep match)

File	Score
C:\Windows\SysWOW64\CertEnrollCtrl.exe	96
C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe	46
C:\Windows\SysWOW64\expand.exe	30
C:\Windows\SysWOW64\tzutil.exe	27

MIT License. Copyright (c) 2020-2021 Strontic.